Member Avatar for Ries

This is my code im using for my login, but when it re-directs to the next page the $_SESSION array doesnt contain any data, what is wrong with my coding that causes this(btw to check it had no data I echoed it and nothing came onto my screen)

<?PHP
session_start();
mysql_connect("localhost", "*******", "*******")or die(mysql_error());
mysql_select_db("eluxian");

$email = $_POST['email'];
$pass1 = $_POST['password'];

$pass = md5($pass1);

$check = mysql_query("SELECT password FROM members WHERE email='$email'")
or die("Email not found in database");
$fetch = mysql_fetch_array($check) or die(mysql_error());

$password = $fetch['password'];

if ($password != $pass){
echo "You entered a bad password";
}else{
$_SESSION['email'] = $email;
echo "<meta http-equiv='Refresh' content='0;url=news.php'>";
echo "Correct password. Forwarding now...";
}

?>
  • 3 Contributors
  • 3 Replies
  • 144 Views
  • 1 Day Discussion Span
  • Latest Post Latest Post by cancer10

Recommended Answers

All 3 Replies

Member Avatar for digital-ether

Where are you echoing the session variable?
You should try echoing it right at the top.

Maybe you're overwriting with $_SESSION = $email;
Where $email will be empty on the second load of the page.

Try something like...

if ($_SESSION['email']) {
// session is set, check if valid

} else {
// session not set, ask for login

}

Something to note:
sessions are available on the second load, after you set it.
(thats the reason we have it, continuity in a stateless protocol, http)
they dont always work, if cookies are not accepted by the browser, and your php ini only allows 'safe' sessions, where it isn't passed in the url, sessions will fail.

Member Avatar for cancer10

Dude you forgot to register the session, follow this code

$_SESSION = $email
session_register("email");

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.